Deploying CAS 3.0.x in RHEL 5 with Sun Java

Most people will find that installing CAS 3.0.x on RHEL 5 isn't initially as straightforward as they hoped.  This is largely in part due to Redhat not officially supporting either the Sun Java Development Kit (JDK).  By default, Redhat has bundled RHEL 5 with the GNU Compiler for Java (GCJ) from JPackage, which is equivalent to J2SE 1.4.2 as of July 2007.  This can cause code compiled by newer versions of Sun JDK to be incompatible with GCJ.  However, it is not only possible but fairly easy to get CAS 3.0.x deployed on RHEL 5.

As an alternative to the instructions below it is possible to use the Sun JVM/JDK (1.5.0) which is supplied on the RHEL5 Supplementary Disc, and the corresponding supplementary updates repository.  This can be used with the stock RHEL5 version of tomcat (5.5.23).  The advantage of using the packages which are supplied by Red Hat is that you will be provided with security updates for these packages by Red Hat - otherwise you will have to manually monitor the relevant upstream mailing lists for security announcements, and then download and reinstall security fixes as necessary.  Once you have the RHEL5 supplementary repository configured, you can:

#  yum install java-1.5.0-sun java-1.5.0-sun-devel
# /etc/init.d/tomcat5 restart 

The newly installed JVM and JDK will become the default via the Linux "alternatives" mechanism.  To verify the Java version being used, drop the following code snippet into /var/lib/tomcat5/webapps/test/index.jsp

 <html>
  <head><title>Java system info</title></head>
  <body><p>Java Version <%= java.lang.System.getProperty("java.version") %></p>
<p>Vendor <%= java.lang.System.getProperty("java.vendor") %></p>
<p>Java home <%= java.lang.System.getProperty("java.home") %></p>
<p>Java VM Version <%= java.lang.System.getProperty("java.vm.version") %></p>
<p>Server OS name <%= java.lang.System.getProperty("os.name") %></p></body></html>

and check the output with:

lynx http://localhost:8080/test



NOTE: This walkthrough uses Apache HTTP server to front-end Apache Tomcat 5.5.x for SSL by forwarding requests through the Apache mod_jk module.

NOTE: This walkthrough involves the use of precompiled Sun Java 6 and Apache Tomcat 5.5.x binaries rather than keeping RHEL 5 in sync with yum repositories.

NOTE: You can avoid step 2, 4, 5 and 6 and keep your Tomcat package in sync with the Redhat yum repo. However you'll end up with a somewhat mixed environment that may cause some issues. See http://www.ja-sig.org/wiki/display/CASUM/Switching+to+a+Sun+JVM+in+RHEL.

Step 1: Download and install Apache HTTP server

The following software packages from yum should be installed for Apache HTTP:

  • httpd
  • mod_ssl

The following software packages are optional but necessary if you want to install the Apache mod_jk module to forward Apache HTTP requests to Apache Tomcat.  If not, then you can use the Apache mod_proxy_ajp module installed by default with Apache HTTP:

  • httpd-devel
  • apr
  • apr-devel
  • apr-util
  • apr-util-devel

Once all of the packages have been installed, check the /usr/lib/httpd/modules directory to make sure that the mod_proxy_ajp module was installed.  The mod_proxy_ajp module is needed to front-end Apache Tomcat with Apache HTTP, which we will see later.

The only immediate Apache HTTP configuration change that needs to be made now is to configure the server's host name.  This can be done by editing the /etc/httpd/conf/httpd.conf file, uncommenting the line with ServerName, and setting it appropriately for the server.

Step 2: Remove pre-installed version of Apache Tomcat 5.5.x

If your installation of RHEL 5 has Apache Tomcat 5.5.x installed by default, then it must be removed.  This can be done easily through yum as RHEL 5 saw Redhat replacing up2date with yum as the preferred package management tool.

[root@localhost ~]# yum list installed | grep tomcat
tomcat5.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server
tomcat5-common-lib.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server
tomcat5-jasper.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server
tomcat5-jsp-2.0-api.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server
tomcat5-server-lib.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server
tomcat5-servlet-2.4-api.i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server

[root@localhost ~]# yum remove tomcat5.i386
Loading "installonlyn" plugin
Loading "rhnplugin" plugin
Setting up Remove Process
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
...
--> Running transaction check
Setting up repositories
rhel-i386-server-5 100% |=========================| 1.4 kB 00:00
Reading repository metadata in from local files

...
Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Removing:
tomcat5 i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 335 k
Removing for dependencies:
geronimo-specs i386 1.0-0.M2.2jpp.12 rhel-i386-server-5 230 k
geronimo-specs-compat i386 1.0-0.M2.2jpp.12 rhel-i386-server-5 5.5 k
jakarta-commons-fileupload i386 1:1.0-6jpp.1 rhel-i386-server-5 48 k
tomcat5-common-lib i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 196 k
tomcat5-jasper i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 981 k
tomcat5-jsp-2.0-api i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 93 k
tomcat5-server-lib i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 3.6 M
tomcat5-servlet-2.4-api i386 5.5.23-0jpp.1.0.4.el5 rhel-i386-server-5 150 k

Transaction Summary
=============================================================================
Install 0 Package(s)
Update 0 Package(s)
Remove 9 Package(s)

Is this ok [y/N]:

Once Tomcat is removed, then we can move onto setting up our Sun Java environment!

Step 3: Download and install Sun JDK

NOTE:  If you are trying to install the Sun JDK on a remote server, then you will have to download the JDK through a text web browser such as elinks, which is available through yum and usually installed by default.  An interactive browser is necessary as you must agree to Sun's licensing terms.  If this is not an option, then you can always download it on another computer and FTP it to the remote server.

In order to download a version of Sun JDK, navigate to Sun's Java website (http://java.sun.com/) and choose either the Java Standard Edition (Java SE) or Java Enterprise Edition (Java EE).  After agreeing to Sun's licensing agreement, download the Linux RPM in self-extracting file (jdk-6u2-linux-i586-rpm.bin).


Once you have downloaded the necessary file to the machine it will be installed upon, we can begin the installation process.  The RPM must be executable in order for it to be installed, so chmod in the example below and execute the RPM.  Several pages of licensing terms will be displayed which you must agree to abide by before the JDK will be installed.  By default, the JDK will be installed under the /usr/java directory with sym links to the version installed.

[root@localhost ~]# chmod 755 jdk-6u2-linux-i586-rpm.bin
[root@localhost ~]# ./jdk-6u2-linux-i586-rpm.bin
... Sun JDK installation licensing terms and installation dialog
[root@localhost ~]# cd /usr/java
[root@localhost java]# ls -l
lrwxrwxrwx 1 root root   16 Jun 21 14:56 default -> /usr/java/latest
drwxr-xr-x 9 root root 4096 Jul 26 08:35 jdk1.6.0_02
lrwxrwxrwx 1 root root   21 Jul 26 08:36 latest -> /usr/java/jdk1.6.0_02
[root@localhost java] #

 Now that the Sun JDK is installed, we need to set up the necessary environment variables for Java and Tomcat for all users.

Step 4: Set up necessary environment variables

There are two main reasons why we need to set up environment variables for Java:

  1. Ensure that the Sun JDK executables are used instead of the GCJ executables
  2. Many Java applications like Apache Tomcat and Ant rely upon standard environment variables for locating the installed package

To set up environment variables for all users, we will edit /etc/profile which affects all users.  Open your favorite text or line editor (shameless plug for vim) and add the following block at the top of the file:

export JAVA_HOME=/usr/java/latest
export JRE_HOME=/usr/java/latest/jre
export ANT_HOME=/usr/local/ant
export CATALINA_HOME=/usr/local/tomcat
export PATH=$JAVA_HOME/bin:$ANT_HOME/bin:$PATH

These environment variables will take effect whenever you next login to the machine.  You can also run each of these commands from the console to take effect immediately.

Step 5: Download and install Apache Tomcat 5.5.x

NOTE:  If you are trying to install the Apache Tomcat on a remote server, then you can download it through wget, which is available through yum and usually installed by default.  If this is not an option, then you can always download it using a text web browser such as elinks or FTP from another computer.

In order to download Apache Tomcat 5.5.x, navigate to the Apache Tomcat website (http://tomcat.apache.org/) and click on the Tomcat 5.x link under the Download section.  The following screen will allow you to download the latest version of Apache Tomcat, which is 5.5.23 as of July 2007.  Under the "Binary Distributions" section of 5.5.23, choose to download the TAR.GZ version of the Core distribution as seen in the screenshot below.

Once you have downloaded the TAR.GZ, you simply need to extract the files from it into the directory where Tomcat will live.  This needs to be the same as the CATALINA_HOME environment variable we set earlier (/usr/local/tomcat).  Also, Tomcat needs a user account to run as, so we will create the "tomcat" user and give it permission to the Tomcat directory.

 [root@localhost local]# wget http://mirror.nyi.net/apache/tomcat/tomcat-5/v5.5.23/bin/apache-tomcat-5.5.23.tar.gz
-14:47:17-  http://mirror.nyi.net/apache/tomcat/tomcat-5/v5.5.23/bin/apache-tomcat-5.5.23.tar.gz
           => `apache-tomcat-5.5.23.tar.gz'
Resolving mirror.nyi.net... 64.90.181.77
Connecting to mirror.nyi.net|64.90.181.77|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5,977,561 (5.7M) [application/x-gzip]

100%[=================================================================================================================>] 5,977,561    661.79K/s    ETA 00:00

14:47:26 (638.93 KB/s) - `apache-tomcat-5.5.23.tar.gz' saved [5977561/5977561]

[root@localhost local]# tar -xzf apache-tomcat-5.5.23.tar.gz
[root@localhost local]# useradd tomcat
[root@localhost local]# chown tomcat:tomcat -R apache-tomcat-5.5.23
[root@localhost local]# ln -s apache-tomcat-5.5.23 tomcat
[root@localhost local]# ls -l
total 80
drwxr-xr-x 11 tomcat tomcat 4096 Jun 22 12:45 apache-tomcat-5.5.23
drwxr-xr-x  2 root   root   4096 Oct 10  2006 bin
drwxr-xr-x  2 root   root   4096 Oct 10  2006 etc
drwxr-xr-x  2 root   root   4096 Oct 10  2006 games
drwxr-xr-x  2 root   root   4096 Oct 10  2006 include
drwxr-xr-x  2 root   root   4096 Oct 10  2006 lib
drwxr-xr-x  2 root   root   4096 Oct 10  2006 libexec
drwxr-xr-x  2 root   root   4096 Oct 10  2006 sbin
drwxr-xr-x  4 root   root   4096 Mar 16 04:26 share
drwxr-xr-x  2 root   root   4096 Oct 10  2006 src
lrwxrwxrwx  1 root   root     20 Jun 22 12:43 tomcat -> apache-tomcat-5.5.23
[root@localhost local]#

Step 6: Download and install Apache Ant


Step 7: Forward Apache HTTP requests to Apache Tomcat


Step 8: Download and deploy CAS server 3.0.xÂ